Guidance Software undertakes a survey each year on some aspect of data management or data risk. This year, and unsurprisingly, the survey is about data risk and privacy, with the subtitle How concerned are organisations with data risk?

The survey results, which you can find here, show that more than 580 respondents contributed to the survey. For 46% of them the protection of sensitive and private data is a top priority. As the survey points out, the protection of data involves a mixture of hard benefits (reducing risk, optimising storage by defensible deletion, heading off fines) and soft benefits (corporate responsibility, reputational integrity, customer confidence).

Perhaps most interesting question was the one about the reasons that prompt investment in a solution to manage sensitive or private data. The “winner”, at 37%, was regulatory and policy compliance. Data breach, which I would have pictured as more significant, came in at 17%.

This focus on mitigating risk meant that improving business intelligence ranked at only 8% in the reasons for investment.

Asked what locations represented the organisation’s “highest concern”, 30% of the respondents said servers and 25% said desktop or laptop computers. It is possible that the question was interpreted differently by different respondents, some treating “highest concern” as referring to the value to be protected, and others thinking of it as the source of the highest risk.

Managing risks of this kind involved two primary elements – technology and the human factor. The survey’s conclusion is that technology is developing faster than the adoption of data governance policies.

The Guidance Software survey is an interesting snapshot view of corporate concern. Although Guidance Software usually covers a different topic each year, it would be interesting to re-run this one next year.

I am moderating three panels at Guidance Software’s Enfuse conference in Las Vegas next week. Two of them are relevant to the subjects covered by the survey. One is called Where’s my crown jewels? The link between data privacy and cyber risk management and another is called Time is not on your side when it comes to data security. You can see the connection between these and the subject-matter of the survey.

I understand that there are still places available at Enfuse. This will be my 8th or 9th year and I thoroughly recommend it.

Like this:

LikeLoading...

Related

About Chris Dale

I have been an English solicitor since 1980. I run the e-Disclosure Information Project which collects and comments on information about electronic disclosure / eDiscovery and related subjects in the UK, the US, AsiaPac and elsewhere